Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/fMQKHPdwlAZkZ2hhbkkSgaa08Q8.roa
File: fMQKHPdwlAZkZ2hhbkkSgaa08Q8.roa (raw, json)
Hash identifier: ug7inXXnfaXrWcIxfRh4p80yhCiMQK+gh2XyJ1GPdOo=
Subject key identifier: 7C:C4:0A:1C:F7:70:94:06:64:67:68:61:6E:49:12:81:A6:B4:F1:0F
Certificate issuer: /CN=059f516802c261309a61048772e6eafd5867a990
Certificate serial: 01856BE5A7EA0641D7713A9D12C62D2E880C
Authority key identifier: 05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/fMQKHPdwlAZkZ2hhbkkSgaa08Q8.roa
Signing time: Sun 01 Jan 2023 05:54:50 +0000
ROA not before: Sun 01 Jan 2023 05:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209865
IP address blocks: 213.184.76.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:a7:ea:06:41:d7:71:3a:9d:12:c6:2d:2e:88:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059f516802c261309a61048772e6eafd5867a990
Validity
Not Before: Jan 1 05:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7cc40a1cf7709406646768616e491281a6b4f10f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bc:04:5e:64:ed:da:7e:e6:cb:bb:5d:4f:e7:
90:6b:69:0f:56:9c:c0:61:a2:5a:a8:29:30:6c:10:
2f:20:99:bc:a3:67:03:e3:0d:9e:5d:b2:8a:4a:25:
96:a8:6d:6a:57:57:af:08:f0:c8:fe:d1:e7:02:b1:
9d:e9:22:a2:28:e4:55:85:5f:3b:d4:0b:ae:02:4a:
aa:4f:83:db:ee:84:ef:44:5c:2b:36:dc:1a:c3:d6:
cf:56:9b:82:1e:70:8e:37:f3:ce:0f:8d:da:6d:09:
f1:13:a0:8e:da:93:84:d8:54:57:f4:d4:2f:56:c4:
0f:ab:2a:f7:a8:25:f5:c6:09:a2:19:6c:82:04:e1:
ba:b3:b8:87:a1:d7:b4:ed:91:3b:41:25:cb:eb:2d:
0e:53:ba:4c:e4:88:47:5f:0e:4b:3d:75:82:7c:53:
14:c9:cd:c1:d8:e8:bf:1d:1f:ae:6c:82:f7:a8:c4:
66:a4:43:22:20:8e:ee:f4:69:42:07:5d:35:76:59:
f0:5d:69:a1:4b:b7:9d:2d:50:14:df:a1:b0:9c:e2:
78:4d:ab:81:31:89:c4:84:19:6d:f1:8c:fc:02:4b:
20:c1:08:83:2c:17:d0:66:9a:63:a6:c5:83:e8:56:
65:15:85:56:f0:ee:30:01:9e:0b:fa:2c:00:b2:b5:
ff:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:C4:0A:1C:F7:70:94:06:64:67:68:61:6E:49:12:81:A6:B4:F1:0F
X509v3 Authority Key Identifier:
keyid:05:9F:51:68:02:C2:61:30:9A:61:04:87:72:E6:EA:FD:58:67:A9:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZ9RaALCYTCaYQSHcubq_VhnqZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/fMQKHPdwlAZkZ2hhbkkSgaa08Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/4087cf-71e9-42ca-8c35-951b1985671c/1/BZ9RaALCYTCaYQSHcubq_VhnqZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.184.76.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:4c:0f:b5:0a:30:57:ba:78:0a:3c:93:a0:d7:5e:10:89:fc:
8e:00:80:1a:2e:6f:ff:dd:5b:a9:e3:8c:51:63:fb:eb:e6:1c:
bd:74:1f:58:3e:bb:32:a1:ea:0b:97:f4:9a:7a:dd:29:66:4c:
1b:8d:67:30:7a:84:33:99:2b:9f:a9:ee:32:2f:2a:69:b9:be:
c0:87:3f:47:fe:ec:a0:7a:be:b7:98:7e:9e:3d:d3:c3:90:65:
ac:c0:11:55:9e:07:cc:94:b4:85:52:1f:be:04:0e:50:a4:12:
d3:8d:12:d4:77:24:ec:ca:c7:f7:40:d1:b1:a5:3e:8c:5f:3b:
22:34:cd:4c:ca:2a:a7:d3:c2:75:83:45:82:d3:77:a2:07:9e:
e2:93:0f:f9:cf:c8:0b:20:63:05:bb:18:49:6f:95:4d:dc:12:
24:aa:80:e2:e0:24:9f:00:5f:29:ed:e2:a9:24:71:3b:77:da:
6b:1f:99:b4:7e:ce:15:71:44:a6:bc:23:9b:23:ed:81:c6:61:
a8:c1:c7:b1:2a:d0:5b:0a:13:39:36:ea:d0:6d:a6:d3:95:92:
65:06:3d:03:d5:fa:69:06:5f:63:5b:b2:3a:72:9a:8e:77:51:
13:2b:e2:fc:ad:18:a4:fd:5a:90:a5:c6:21:58:d4:ac:3b:85:
74:65:8c:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr5afqBkHXcTqdEsYtLogMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWY1MTY4MDJjMjYxMzA5YTYxMDQ4NzcyZTZlYWZkNTg2
N2E5OTAwHhcNMjMwMTAxMDU1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2M0MGExY2Y3NzA5NDA2NjQ2NzY4NjE2ZTQ5MTI4MWE2YjRmMTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbwEXmTt2n7my7tdT+eQa2kPVpzA
YaJaqCkwbBAvIJm8o2cD4w2eXbKKSiWWqG1qV1evCPDI/tHnArGd6SKiKORVhV87
1AuuAkqqT4Pb7oTvRFwrNtwaw9bPVpuCHnCON/POD43abQnxE6CO2pOE2FRX9NQv
VsQPqyr3qCX1xgmiGWyCBOG6s7iHode07ZE7QSXL6y0OU7pM5IhHXw5LPXWCfFMU
yc3B2Oi/HR+ubIL3qMRmpEMiII7u9GlCB101dlnwXWmhS7edLVAU36GwnOJ4TauB
MYnEhBlt8Yz8AksgwQiDLBfQZppjpsWD6FZlFYVW8O4wAZ4L+iwAsrX/XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHzEChz3cJQGZGdoYW5JEoGmtPEPMB8GA1UdIwQY
MBaAFAWfUWgCwmEwmmEEh3Lm6v1YZ6mQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUt
OTUxYjE5ODU2NzFjLzEvZk1RS0hQZHdsQVprWjJoaGJra1NnYWEwOFE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy80MDg3Y2YtNzFlOS00MmNhLThjMzUtOTUxYjE5ODU2NzFj
LzEvQlo5UmFBTENZVENhWVFTSGN1YnFfVmhucVpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1bhMMA0G
CSqGSIb3DQEBCwUAA4IBAQCiTA+1CjBXungKPJOg114QifyOAIAaLm//3Vup44xR
Y/vr5hy9dB9YPrsyoeoLl/Saet0pZkwbjWcweoQzmSufqe4yLyppub7Ahz9H/uyg
er63mH6ePdPDkGWswBFVngfMlLSFUh++BA5QpBLTjRLUdyTsysf3QNGxpT6MXzsi
NM1Myiqn08J1g0WC03eiB57ikw/5z8gLIGMFuxhJb5VN3BIkqoDi4CSfAF8p7eKp
JHE7d9prH5m0fs4VcUSmvCObI+2BxmGowcexKtBbChM5NurQbabTlZJlBj0D1fpp
Bl9jW7I6cpqOd1ETK+L8rRik/VqQpcYhWNSsO4V0ZYx7
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:55:12 2025 by rpki-client